Device provenance
App Attest, Play Integrity, and DPoP are orchestrated so every request is tied to a real device and binary.
Mobile AI security platform
Keep secrets out of your app. Ship AI features securely.
Gate/AI verifies devices with attestation, binds every token with DPoP, and injects provider secrets server-side. Your binary ships clean.
Live signal
Secure mobile request
DPoP proof
eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InRrX2RldmljZSJ9...
Policy
Device rate limit · 500 req / day
Global limit · 25k req / day
Provider
openai:gpt-4o-mini
Forwarded · Secret injected server-side
Telemetry
- Latency
- 142 ms
- Spend (24h)
- $18.40
Your Mobile App
Secure Enclave key · App Attest / Play Integrity
Gate/AI
Verify · DPoP bind · Rate limit · Inject secret
Attestation
Verified
DPoP
Bound
Rate limit
12 / 500
Secret
Injected
AI Provider
OpenAI · Anthropic · Gemini · Custom
How every request is secured
1
Device attestation
App Attest (iOS) or Play Integrity (Android) proves the device and binary are genuine.
2
DPoP token binding
Every request is signed by the Secure Enclave key. Tokens can't be replayed or used off-device.
3
Policy enforcement
Per-device and global rate limits, usage budgets, and environment checks before forwarding.
4
Secret injection & proxy
Gate/AI injects the provider API key server-side and forwards to OpenAI, Anthropic, or Gemini.
Today's traffic
Last 24 hours
2,847
Requests
142
Devices
$18.40
AI spend
Recent requests
dk_9f2a → openai/gpt-4o-mini
142ms dk_c4b1 → rejected
0ms dk_2e8b → anthropic/claude-sonnet
203ms dk_7a1f → gemini/gemini-pro
189ms SDKs for
Swift Kotlin React Native Flutter Unity REST API
The platform
A single control plane for AI security, usage, and spend.
Gate/AI pairs cryptographic trust with the controls finance and security teams expect. No custom backend, no overnight pager duty.
Runtime policy
Per-device and global rate limits, short-lived tokens, and usage budgets block abuse before it hits your AI bill.
Observability
Every call is recorded with context so you can audit, alert, and debug from a single mobile-friendly control plane.
Why now
Shipping secrets is no longer acceptable.
Reverse engineering tools expose API keys in minutes. Gate/AI hardens every call so you can roll out AI safely—even if you do not run your own backend.
- 1 Decompile your app once, replay requests forever. Gate/AI binds every request to device + nonce.
- 2 API providers throttle by key, not by device. We enforce both to cap runaway spend.
- 3 Compliance teams demand logs. We capture every decision so you can pass audits with evidence.
How Gate/AI responds
- Authenticate
- Device attestation + Secure Enclave key pair + DPoP per request.
- Authorize
- Inspect device posture, environment, and customer tier before tokens are minted.
- Audit
- Stream structured logs to your SIEM or export CSVs for finance reviews.
Result
Secrets stay in the cloud. Attack surface shrinks to zero.
How it works
Secure AI in three steps.
01
Add the Gate/AI SDK
iOS, Android, and cross-platform SDKs drop into your app without a custom backend.
02
Authorize installs
Gate/AI verifies each install with attestation, provisions device-scoped keys, and issues DPoP-bound tokens.
03
Proxy AI traffic
Your app calls Gate/AI, we forward to OpenAI, Anthropic, or Gemini, and inject the secret on the fly.
Capabilities
Everything mobile teams need, nothing you have to rebuild.
Gate/AI gives security, finance, and product teams shared visibility across every AI request.
Adaptive rate limiting
Set device, user, or environment quotas and dynamically clamp traffic before runaway spend.
Multi-provider routing
Switch between OpenAI, Anthropic, Google Gemini, or custom LLMs without rebuilding your client.
Secrets never ship
API keys stay in Gate/AI. Tokens expire in minutes and are locked to a proven device.
Playback-safe logging
Structured logs redact payloads, but keep enough context to trace abuse and performance bottlenecks.
Attestation orchestration
We manage App Attest, Play Integrity, and the Secure Enclave/StrongBox lifecycle for you.
Enterprise controls
SOC 2-ready audit trails, SSO for the console, and fine-grained workspace roles keep security teams happy.
Pricing
Friendly tiers for solo devs and scale-ups.
Start in minutes for free. Upgrade as soon as you need more devices, without talking to sales.
Friendly pricing for solo devs
Choose the plan that's right for your app. All plans include zero-trust security and cloud-based key management.
Free
$0
USD
Per month
- 25 monthly devices
- 100 daily requests
- 1 gated service
- Basic analytics
Core
$4.99
$49.99
USD
Per month
Per year
- 200 monthly devices
- Unlimited daily requests
- 3 gated services
- Global rate limiting
- Basic analytics
Pro
$9.99
$99.99
USD
Per month
Per year
- 500 monthly devices
- Unlimited daily requests
- Unlimited gated services
- Global & device rate limiting
- Advanced analytics
Need more than 500 devices per month or want help designing your rollout? Let's talk.
FAQ
Frequently asked questions
Everything you need to know before shipping AI on mobile the right way.
-
A mobile AI gateway is a security and routing layer between your mobile app and AI providers. It keeps provider API keys out of your app, verifies devices, issues short-lived tokens, and enforces per-device policies so you can safely call LLM APIs from iOS and Android.
-
A regular AI gateway assumes trusted backend callers. A mobile AI gateway assumes untrusted clients, uses device attestation and sender-constrained tokens, and is designed so you don't need your own backend just to talk to AI providers.
-
For many apps, no. Gate/AI is designed so you can ship secure AI features from a purely client-side mobile app, while Gate/AI acts as the secure middle layer between your app and AI providers.
-
At a high level, 3 key security advances allow us to do this:
- A one-time device key-pair is created and stored in the Secure Enclave on iOS or StrongBox on Android. The private key never leaves the secure area and is never seen by the app. Attackers can't get a hold of it.
- Platform specific attestation services allows our server to prove an app install is real. App Attest on iOS and Play Integrity on Android.
- OAuth 2.0's Demonstrating Proof of Possession (DPoP). Every API call includes a lightweight, per-request proof signed by the device key. Gate/AI then verifies that the proof matches the token and the current request, blocking replays and off-device use.
-
These are the number of unique monthly devices that will make a request through Gate/AI's proxy service. This is not the same as the TOTAL number of monthly devices your app has. Your app has to make a request to Gate/AI in order to count towards your usage.
For example:
- A device running your app makes one request to Gate/AI: that's considered 1 device towards your usage.
- Another device makes 100 requests to Gate/AI: that's considered 1 device towards your usage.
-
Yes, of course. We aren't going to nickel and dime you. Our overhead is around device verification. So that's how we are charging.
Ready to ship?
Keep your secrets out of your binaries starting today.
Create a free workspace, invite your teammates, and plug Gate/AI into your mobile app before lunch.